Effective Date: May 12, 2026
At DALE Labs, privacy is not a feature—it is a foundational value. We believe that for a human-AI partnership to be effective, it must be built on absolute trust. Your data exists to serve you—not advertisers, not data brokers, not secondary markets. This policy describes what we collect across all of our products, how we protect it, and the controls you have.
This policy applies to all products operated by DALE Labs, LLC, including:
Where a section below describes a feature that is specific to one product (for example, ARPilot’s shared learning pool or transactional SMS), the section calls that out explicitly. The principles in this policy — minimization, encryption, tenant isolation, opt-in by default — apply across every product we ship.
We collect only the information necessary to provide the product you signed up for. We minimize collection to what is strictly required for operation.
Name, email address, and company name provided during registration. Authentication is handled securely with encrypted password storage.
The records you create or import while using a product — for example, invoices and customer information in ARPilot, leads and outreach drafts in CRM, page seeds and generated content in pSEO. This data is yours and is used exclusively to power your own workflows within that product.
API keys and credentials for third-party services you choose to connect (accounting software, email providers, Google Workspace, payment processors, etc.). All credentials are encrypted at rest before storage.
Email, SMS, and voice content generated through workflows you configure, including delivery status (opens, clicks, responses) when those features are enabled. This applies primarily to ARPilot and CRM, which send communications on your behalf.
Anonymous site and product analytics to help us understand how each product is used and improve the experience.
Security is not an afterthought. It is built into every layer of our architecture, across all DALE Labs products.
All sensitive credentials and data are encrypted at rest using industry-standard encryption. Encryption keys are managed securely and never exposed.
Every data table enforces row-level security, ensuring complete tenant isolation. Your data is accessible only to you and your authorized team members — never to other users of the platform.
Two-factor authentication is available for all users and enforced on sensitive operations for business owners. This provides an additional layer of protection beyond passwords.
Granular permission system with per-resource permission checks. Team members only see and modify what their role allows.
Automatic session validation, token refresh, and stale session cleanup prevent unauthorized access.
Public-facing features (such as dispute forms and payment pages) use unique, unguessable tokens rather than predictable identifiers, preventing unauthorized access.
We use your data to:
You have full control over your data across every DALE Labs product.
You can delete all your data through the application settings of each product. This performs a comprehensive deletion of all your records associated with that product, including any communications, workflows, and integrations.
Per-type toggles for all notification categories. You decide which notifications you receive and which are silenced.
Within ARPilot and CRM, you can maintain a per-phone-number blocklist with source tracking. Numbers can be added due to customer request, legal requirement, opt-out, or manual entry.
Per-contact consent records tracking the method and expiry of consent for phone communications.
Toggle whether customer replies are routed back through the platform or directed to your own email address.
Granular opt-in/opt-out control for ARPilot's shared learning pool, with your choice of anonymization level. Changes take effect immediately.
DALE Labs products integrate with select third-party services to deliver their core functionality. Each integration that requires your credentials is optional and activated only when you explicitly configure it.
Our products rely on trusted providers across the following categories:
Hosting, database, and identity management services that form the backbone of every product.
Services that deliver scheduled email, SMS, and voice communications on your behalf as part of your configured workflows.
Services that securely handle payment transactions, including subscription billing and customer payment collection.
Services that power AI-driven recommendations, content generation, and workflow optimization across our products.
Anonymous usage analytics to help us understand how each product is used and improve the experience.
Applies to ARPilot and CRM. These products operate as business-to-business (B2B) platforms that enable our business clients to send SMS notifications to their own customers. All SMS messages sent through these products are strictly transactional in nature (payment reminders, payment confirmations, appointment notifications, lead follow-ups, dispute updates). No marketing or promotional SMS messages are sent.
No mobile information will be shared with third parties or affiliates for marketing or promotional purposes. All categories of data described in this policy exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.
End recipients provide explicit SMS consent via a personalized Communication Preferences portal linked from the messages they receive. At the time of opt-in, full CTIA-required disclosure is displayed: message types, sender identity, message frequency, applicable rates, and STOP/HELP instructions. A timestamped consent event is recorded for each opt-in action.
Recipients may opt out at any time by replying STOP (or UNSUBSCRIBE, CANCEL, END, QUIT) to any SMS message, or by visiting their Communication Preferences portal and disabling Text Messages. Opt-outs are honored immediately and permanently.
Message frequency varies based on account activity, typically 1–8 messages per month per recipient. Standard message and data rates may apply.
The optional Shared Learning program described in Section 5 involves only anonymized workflow performance data from ARPilot. SMS opt-in consent records, phone numbers, and message content are explicitly excluded from the Shared Learning pool and are never contributed to any shared dataset.
For any privacy-related questions, data requests, or concerns, contact us at:
We will respond to privacy inquiries within 30 days. This policy may be updated from time to time. Material changes will be communicated through the platform.
Want to learn more about our philosophy and approach?
Read Our Foundational Essay